Critical Infrastructure Security Assessment

Overview

Although there are risks involved when increasing access to control systems, there are also worthwhile benefits, including increased automation, reduced system management costs, and greater control capabilities. By taking a risk-based approach, Foundstone helps organizations identify and prioritize risks to SCADA systems, analyze threats to that environment, and identify and resolve vulnerabilities before they are exploited by an attacker.

Since its inception in 1999, Foundstone has worked with utilities and manufacturers to address control systems. Foundstone understands the unique issues faced when dealing with control systems that must adhere to availability rates of seven 9s while not being able to run with traditional security controls installed, such as anti-virus tools and file integrity checkers.

Key Benefits

Foundstone consultants identify and mitigate the risk to your critical infrastructure by reviewing the people, process, and technology surrounding the targeted devices. This pinpoints vulnerabilities and gaps with industry-accepted best practices in the architecture, configuration, and ongoing management of your critical infrastructure.

Methodology

Foundstone assesses your critical infrastructure using the following six major phases:

Architecture security reviewEvaluate the network design of the SCADA environment, analyzing the security controls in place and the connectivity between the SCADA environment and the corporate network.

Critical infrastructure (SCADA) component security testingEvaluate the security of systems in the SCADA environment including routers, firewalls, control system servers, database systems, and ICCP gateways.

Perimeter device and server configuration reviewAssess the configurations of routers, firewalls, and SCADA servers against known industry best practices while looking for known vulnerabilities associated with the deployed product and associated utilities.

Wireless access reviewIdentify wireless access into the environment and evaluate weaknesses that could allow an attacker to gain access to the SCADA network.

Dial-up and remote access reviewIdentify systems with dial-up and remote access capability that could allow an attacker to gain access to the SCADA network.

Policy and procedure gap analysisEvaluate the current policies and procedures for critical infrastructure against known best practices according to the ISA-SP99 security standards.